Businesses should be aware that, from 1 January 2021, the UK GDPR will apply to most processing of personal data in the UK (although in some cases, where processing of data subjects in the EU takes place, the GDPR itself will also apply).
The UK GDPR, like the GDPR itself, reaffirms and enhances, sometimes significantly, the rights of citizens and consumers to access their data electronically, to have it corrected or deleted, and to scrutinise data processing. The penalties for non-compliance are potentially severe. Proper judgement and systems need to be applied to data collection, and if data is lost, rapid notification is critical. However, data is also a strategic issue. Choosing what data to collect, how to use it, and how to protect it can bring great benefits. The value of a business can be greatly increased by good data practice.
We advise our clients on how best to achieve their strategic objectives while complying with an evolving regulatory regime. For corporate clients we highlight gaps in compliance, explain how to implement the requisite policies and procedures, resolve incidents and repair reputations. For private clients we identify the most effective ways to exercise and enforce their rights.
Our group comprises experts in data protection, privacy and reputation management, as well as non-lawyer cyber security specialists. It allows us to cover the full spectrum of support and advice, and to do so from the forefront, advising clients on issues such as AdTech, enforcement of data subject rights and cyber security.